Feds thwart extortion plot against Best Buy

[InfoSec News <isn () c4i org>]

Forwarded from: William Knowles <wk () c4i org>

http://www.startribune.com/stories/535/4304797.html

David Phelps
dphelps () startribune com
Star Tribune 
January 7, 2004 

Federal authorities said Tuesday they thwarted an extortion plot
against Best Buy Co. Inc. by a man who sent the company an e-mail
threatening to expose what he claimed were weaknesses in the
retailer's computer system unless he was paid $2.5 million.

Thomas E. Ray III, a 25-year-old Jackson, Miss., resident, made his
first Minnesota court appearance Tuesday before U.S. Magistrate Judge
Earl Cudd. He pleaded not guilty and was released on $10,000 bail.

Ray faces two felony charges of making extortion threats to damage
property or reputation and extortion threats to damage computers. He
is being represented by Minneapolis attorney Rick Petry.

He was indicted in federal court in Mississippi in mid-December and
accused of making a series of threats in October to Richfield-based
Best Buy about the security of its BestBuy.com site. No security
breaches were made into the system, Best Buy said.

Federal investigators became involved after security officials at Best
Buy contacted federal authorities about the demands. The Minnesota
CyberCrime Task Force also took part in the investigation, as did
America Online and Netscape, Internet service providers that Ray used.

According to the indictment, Ray made the e-mail demands to Best Buy
under the name and Internet address of "Jamie Weathersby, IPC Corp."

According to an FBI search warrant, the first e-mail demand came on
Oct. 16. It said there was a flaw in Best Buy's Web site that would
allow the sender to "review all customer accounts and assume complete
ownership of www.bestbuy.com by moving it to another register or
server."

The e-mail also offered to establish an unspecified business
relationship between the sender and Best Buy, adding: "Without your
response, we are obligated to share the security hole with the public
for their protection. As a result, Best Buy may experience a loss in
business, thefts and lawsuits."

The search warrant, which had been kept under court seal until this
week, said a Best Buy employee attempted to respond to gain more
information from the sender but could not locate any firm called IPC
Corp.

A second e-mail came the next day offering "a step-by-step summary of
how we were able to penetrate your Web site" for $2.5 million. If Best
Buy did not agree to the deal, the e-mailer said he would list all of
Best Buy's customers and their credit card numbers on BestBuy.com.

Best Buy then contacted the e-mailer and on Oct. 22 received another
demand for $2.5 million. The money would have to be paid by Oct. 24 or
Best Buy customer information would be posted online Oct. 27, the
e-mailer said.

The federal search warrant was obtained the morning of Oct. 24 and
allowed the FBI, with Best Buy's cooperation, to use an Internet
device known as an Internet Protocol Address Verifier. It contained a
program that automatically sent back a response to Best Buy after the
company sent a message to the e-mail address. The response allowed
investigators to identify Ray as the sender of the e-mail threats,
according to the government.

Assistant U.S. Attorney Paul Luehr said the address verifier was one
of several investigative tools the government used to track Ray down.

"It was a tool that helped us confirm that other leads were moving in
the same direction," said Luehr, who declined to discuss details of
the investigation.

Ray faces a maximum of two years in prison and a $250,000 fine for
property and reputation extortion. He faces a maximum sentence of five
years in prison and a fine of $250,000 for threats to damage
computers.


 
*==============================================================*
"Communications without intelligence is noise;  Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
----------------------------------------------------------------
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
================================================================
Help C4I.org with a donation: http://www.c4i.org/contribute.html
*==============================================================*



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.